<?php
namespace Waf;
/**
* 
*/
class Waf
{
	protected $args;
	protected $input_black;
	protected $input_args;
	protected $input_header;
	protected $input_cookies;
	protected $input_post;
	protected $scan_black;
	protected $cookie;
	protected $user_agent;
	protected $url;
	protected $post;
	function __construct()

	{
		$this->args=file_get_contents(dirname(__FILE__)."/rule/args.json");
		$this->scan_black=file_get_contents(dirname(__FILE__)."/rule/scan_black.json");
		$this->cookie=file_get_contents(dirname(__FILE__)."/rule/cookie.json");
		$this->url=file_get_contents(dirname(__FILE__)."/rule/url.json");
		$this->user_agent=file_get_contents(dirname(__FILE__)."/rule/user_agent.json");
		$this->post=file_get_contents(dirname(__FILE__)."/rule/post.json");
		$this->input_header=$_SERVER["HTTP_USER_AGENT"];
		$this->input_args=$_SERVER["REQUEST_URI"];
		$this->input_cookies=$_SERVER["HTTP_COOKIE"];
		$this->input_post=$this->arr_to_str($_POST);


	}
	//处理请求头黑名单严重 可封ip
	public function waf_black(){
		$sd=json_decode($this->scan_black,true);
		if (preg_match("#".$sd['header']."#i", $this->input_header)) {
			header("HTTP/1.1 403 Forbidden");
				//echo  $this->wafhtml(); exit();
				//return $value[2];
			echo 'ua';exit();

		}    
		if (preg_match("#".$sd['args']."#i", $this->input_args)) {
			header("HTTP/1.1 403 Forbidden");
				//echo  $this->wafhtml(); exit();
				//return $value[2];
			echo 'QUERY_STRING';exit();

		}   
		if (preg_match("#".$sd['cookie']."#i", $this->input_cookies)) {
			header("HTTP/1.1 403 Forbidden");
				//echo  $this->wafhtml(); exit();
				//return $value[2];
			echo 'cookie';exit();

		}

	}
   //处理请求头ua 严重 可封ip
	public function waf_ua(){
		$sd=json_decode($this->user_agent,true);
		foreach ($sd as $key => $value) {
			if (preg_match("#".$value[1]."#i", $this->input_header)) {
				header("HTTP/1.1 403 Forbidden");
				//echo  $this->wafhtml(); exit();
				//return $value[2];
				echo $value[2].'ua';exit();
				
			}
		}
	}

	public function waf(){
		$sd=json_decode($this->args,true);
		foreach ($sd as $key => $value) {
			if (preg_match("#".$value[1]."#i", $this->input_args)) {
				header("HTTP/1.1 403 Forbidden");
				//echo  $this->wafhtml(); exit();
				//return $value[2];
				echo $value[2];exit();
				
			}
		}
		$sd=json_decode($this->url,true);
		foreach ($sd as $key => $value) {
			if (preg_match("#".$value[1]."#i", $this->input_args)) {
				header("HTTP/1.1 403 Forbidden");
				//echo  $this->wafhtml(); exit();
				//return $value[2];
				echo $value[2].'$this->url';exit();
				
			}
		}

	}

	public function waf_post(){

		$sd=json_decode($this->post,true);
		foreach ($sd as $key => $value) {
			if (preg_match("#".$value[1]."#i", $this->input_post)) {
				header("HTTP/1.1 403 Forbidden");
				//echo  $this->wafhtml(); exit();
				//return $value[2];
				echo $value[2];exit();
				
			}
		}


	}
	public function waf_cookie(){
		$sd=json_decode($this->cookie,true);
		foreach ($sd as $key => $value) {
			if (preg_match("#".$value[1]."#i", $this->input_cookies)) {
				header("HTTP/1.1 403 Forbidden");
				//echo  $this->wafhtml(); exit();
				//return $value[2];
				echo $value[2];exit();
				
			}
		}


	}



	public function arr_to_str($arr) {
		if (is_array($arr)) {
			$t ='' ;
		    foreach ($arr as $key => $value) {
			   $t=$t.'&'.$key.'='.$value;
		     }
		}else{
          $t=$arr;
		}
		
		return $t;
	}
	public function wafhtml(){
		$str1=<<<html
		<!doctype html>
		<html>
		<head>
			<meta charset="utf-8">
			<title>宝塔网站防火墙</title>
			<style>
				*{margin:0;padding:0;color:#444}
				body{font-size:14px;font-family:"宋体"}
				.main{width:600px;margin:10% auto;}
				.title{background: #20a53a;color: #fff;font-size: 16px;height: 40px;line-height: 40px;padding-left: 20px;}
				.content{background-color:#f3f7f9; height:280px;border:1px dashed #c6d9b6;padding:20px}
				.t1{border-bottom: 1px dashed #c6d9b6;color: #ff4000;font-weight: bold; margin: 0 0 20px; padding-bottom: 18px;}
				.t2{margin-bottom:8px; font-weight:bold}
				ol{margin:0 0 20px 22px;padding:0;}
				ol li{line-height:30px}
			</style>
		</head>

		<body>
			<div class="main">
				<div class="title">宝塔网站防火墙</div>
				<div class="content">
					<p class="t1">您的请求带有不合法参数，已被网站管理员设置拦截！</p>
					<p class="t2">可能原因：</p>
					<ol>
						<li>您提交的内容包含危险的攻击请求</li>
					</ol>
					<p class="t2">如何解决：</p>
					<ol>
						<li>检查提交内容；</li>
						<li>如网站托管，请联系空间提供商；</li>
						<li>普通网站访客，请联系网站管理员；</li>
						<li>这是误报，请联系宝塔 <a href="http://www.bt.cn/bbs" target="_brank">http://www.bt.cn/bbs</a></li>
					</ol>
				</div>
			</div>
		</body>
		</html>
html; 
		return $str1;

	}




}

$Waf = new \Waf\Waf();
$Waf->waf_black();
$Waf->waf_ua();
$Waf->waf();
$Waf->waf_cookie();
$Waf->waf_post();